Facebook data collection under fire again
A German data protection agency is concerned Facebook is collecting data in violation of E.U. law
IDG News Service - A German privacy protection authority is calling on organizations there to close their Facebook fan pages and remove the social networking site's "Like" button from their websites, arguing that Facebook harvests data in violation of German and European Union law.
The Independent Centre for Privacy Protection (ULD), the privacy protection agency for the German state of Schleswig-Holstein, issued a news release on Friday saying Facebook builds a broad, individualized profile for people who view Facebook content on third-party websites.
Data is sent back to Facebook's servers in the U.S., which the agency alleges violates the German Telemedia Act, the German Federal Data Protection Act and the Data Protection Act of Schleswig-Holstein. The agency alleges the data is held by Facebook for two years, and wants website owners in the state to remove links to Facebook by the end of next month or possibly face a fine.
ULD officials could not be reached on Tuesday for comment. Facebook said in a statement that it firmly rejected allegations that it is in violation of E.U. data protection standards.
"The Facebook Like button is such a popular feature because people have complete control over how their information is shared through it," the company said in a statement. "For more than a year, the plugin has brought value to many businesses and individuals every day. We will review the materials produced by the ULD, both on our own behalf and on the behalf of web users throughout Germany."
Third-party websites use Facebook's "Like" button -- known generally as a "social plugin" -- as a means of promotion, letting their visitors share information they find useful through their own Facebook profiles. When a Facebook user clicks the Like button, it will result in a "story" within the user's News Feed on Facebook, along with a link to the website.
When the Like button is displayed on a third-party website, Facebook collects data including the user's computer operating system and IP (Internet protocol) address -- and, if the user is logged in to Facebook, their Facebook user ID. Facebook delivers information back to the website using the button, including the number of Likes. It also supplies demographic information, such as the percentage of visitors by gender, their age range, language, city and country.
Facebook retains logs of the IP addresses of logged-out members for 90 days before deleting them, which is an industry-accepted time frame, Facebook has said.
Facebook also allows advertisers to purchase campaigns using items that people "Like" as denoted on their profiles, something the company terms "Interests Targeting."
The move by the ULD is the latest problem for Facebook in Germany, which has undertaken close examinations of social networking services for potential privacy violations.
Earlier this month, Hamburg's Data Protection Agency (DPA) sent a letter to Facebook saying the social networking site should get users' consent before their biometric data, used to enable the automatic photo tagging feature, is stored.
Users can opt out of the feature, but the DPA claims that the process is unclear. The DPA contends that E.U. privacy regulations require that users give their consent before their data is stored, including the data used to enable tagging. Facebook said it rejects any claim it is not meeting E.U. law.
Send news tips and comments to email@example.com
- Franken presses Ford on location data collection practices
- Justices let stand appeals court decision on border searches of laptops
- California lawmakers move to bar state help to NSA
- Appeals court again nixes Google's bid to overturn Street View case
- Older Mac webcams can spy without activating warning light
- Update: Judge rules NSA spy efforts may be unconstitutional
- Perspective: Privacy concerns could keep Amazon delivery drones grounded
- NSA collects data from millions of cellphones daily
- Perspective: Curbing data use is key to reining in NSA
- Lavabit-DOJ dispute zeroes in on encryption key ownership
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts